package com.ethan.config;

import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.*;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

import javax.sql.DataSource;
import java.util.Arrays;

/**
 * @Description: TODO
 * @Author ethan
 * @CreateDate:2022/3/21 15:44
 * @UpdateDate: 2021/6/17 08:52
 * @Version 1.0
 */

public class AuthorizationServerConfig  extends AuthorizationServerConfigurerAdapter {
//    @Autowired
//    private TokenStore tokenStore;
//    @Autowired
//    PasswordEncoder passwordEncoder;
//
//    @Autowired
//    ClientDetailsService clientDetailsService;
//
//    @Autowired
//    private JwtAccessTokenConverter jwtAccessTokenConverter;
//
//
//    @Autowired
//    private AuthorizationCodeServices authorizationCodeServices;
//
//    @Autowired
//    private AuthenticationManager authenticationManager;
//    @Override
//    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//        clients.withClientDetails(clientDetailsService);
//    }
//    @Bean
//    public AuthorizationCodeServices authorizationCodeServices(DataSource dataSource){
//        return new JdbcAuthorizationCodeServices(dataSource);
//    }
//
//    /**
//     * 客户信息 配置
//     * @param dataSource
//     * @return
//     */
//    @Bean
//    public ClientDetailsService clientDetailsService(DataSource dataSource) {
//        JdbcClientDetailsService clientDetailsService = new JdbcClientDetailsService(dataSource);
//        clientDetailsService.setPasswordEncoder(passwordEncoder);
//        return clientDetailsService;
//    }
//    @Override
//    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
//        security.tokenKeyAccess("permitAll()")
//                .checkTokenAccess("permitAll()")
//                .allowFormAuthenticationForClients();
//    }
//
//    public TokenEnhancerChain tokenEnhancer(){
//        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
//        tokenEnhancerChain.setTokenEnhancers(Arrays.asList((oAuth2AccessToken, oAuth2Authentication) -> {
//            return oAuth2AccessToken;
//        }, jwtAccessTokenConverter));
//        return tokenEnhancerChain;
//    }
//
//    /**
//     * DefaultTokenServices 管理-验证-生成jwt 返回的数据 包含返回的数据实体
//     * tokenStore：用来生成存储实体
//     * clientDetailsService：用来校验是否存在客户端等信息
//     * tokenEnhancer：用来添加额外的信息
//     * AuthenticationManager=PreAuthenticatedAuthenticationProvider：用来刷新token的用户校验等
//     * @return
//     */
//    //管理-验证-生成jwt 返回的数据-DefaultTokenServices
//    @Bean
//    public AuthorizationServerTokenServices tokenServices(){
//        DefaultTokenServices services = new DefaultTokenServices();
//        services.setClientDetailsService(clientDetailsService);
//        services.setSupportRefreshToken(true);
//        services.setTokenStore(tokenStore);
//
//        /**
//         * 无效的时间配置，token的有效期优先选择数据库中客户端的配置，如需修改，修改表oauth_client_details中的配置
//         * @see DefaultTokenServices#getAccessTokenValiditySeconds(OAuth2Request)
//         */
////        services.setAccessTokenValiditySeconds(10);//有效期10秒
////        services.setRefreshTokenValiditySeconds(30);//有效期30秒
//        //
//        services.setTokenEnhancer(tokenEnhancer());
//        return services;
//    }
//
//    /**
//     * TokenEndpoint:controller入口
//     * TokenGranter：用来校验的
//     *authorizationCodeServices：用来验证客户端等信息是否存在校验用
//     * authenticationManager：-》ProviderManager校验用户
//     * @param endpoints
//     * @throws Exception
//     */
//    @Override
//    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
//
//        endpoints
//                .authenticationManager(authenticationManager)
//                .authorizationCodeServices(authorizationCodeServices)
//                .tokenServices(tokenServices())
//                .allowedTokenEndpointRequestMethods(HttpMethod.POST);
//
//        //endpoints.pathMapping("/oauth/confirm_access","/custom/confirm_access");
//    }
}
